Overview

overview

10

Static

static

1

9b9d900dc9...60.exe

windows7-x64

7

9b9d900dc9...60.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9b9d900dc96e20a67c03c6fe3157e9ca96f993b310fff8f5108aeff29af7c160

  • Size

    2.4MB

  • Sample

    231229-jwz79scggl

  • MD5

    251a07949290769a2a5a949d8f2b225b

  • SHA1

    99bcddbe92c39a378b29c81950019abaeb175774

  • SHA256

    9b9d900dc96e20a67c03c6fe3157e9ca96f993b310fff8f5108aeff29af7c160

  • SHA512

    ce2530d64f5ef3d2d0eb06a1d2aad62b8334486335fe76e4489199ea9ea8fe27639f02e6e459c475925d77b8af83f741cde460b481f3e283e0c25556981a6cb9

  • SSDEEP

    49152:1e8Pbe4aJLOeOQD63cqM91/3/yPpjfNBqWUa5mAlOKVtSquYS66p5yBtroB8qXIV:1eSgJLDOQD6MV91/3/yRbNBqWUBLKVYU

Score
10/10
fatalratinfostealerrat

Malware Config

Targets

    • Target

      9b9d900dc96e20a67c03c6fe3157e9ca96f993b310fff8f5108aeff29af7c160

    • Size

      2.4MB

    • MD5

      251a07949290769a2a5a949d8f2b225b

    • SHA1

      99bcddbe92c39a378b29c81950019abaeb175774

    • SHA256

      9b9d900dc96e20a67c03c6fe3157e9ca96f993b310fff8f5108aeff29af7c160

    • SHA512

      ce2530d64f5ef3d2d0eb06a1d2aad62b8334486335fe76e4489199ea9ea8fe27639f02e6e459c475925d77b8af83f741cde460b481f3e283e0c25556981a6cb9

    • SSDEEP

      49152:1e8Pbe4aJLOeOQD63cqM91/3/yPpjfNBqWUa5mAlOKVtSquYS66p5yBtroB8qXIV:1eSgJLDOQD6MV91/3/yRbNBqWUBLKVYU

    Score
    10/10
    fatalratinfostealerrat

    • FatalRat

      FatalRat is a modular infostealer family written in C++ first appearing in June 2021.

      infostealerratfatalrat

    • Fatal Rat payload

      ratinfostealer

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks